<?php
$current_date= date("Y-m-d H:i:s");
$user1=$_REQUEST['user_name'];
$password=$_REQUEST['user_password'];
$conn = mysql_connect('mysql2.freehostia.com','vlamat3_CS4350','lab');
          $db = mysql_select_db('vlamat3_CS4350', $conn);
          $sql = "SELECT * FROM `Comments_text` WHERE user = '$user1' ";
		  $rs = mysql_query($sql, $conn);
          $row = mysql_fetch_array($rs); 
		  $user=$row['user'];
             function display_comments($user_temp)
	 {
		  $conn = mysql_connect('mysql2.freehostia.com','vlamat3_CS4350','lab');
          $db = mysql_select_db('vlamat3_CS4350', $conn);
	      $sql = "SELECT * FROM `Comments_text` WHERE user = '$user_temp'";
          $rs = mysql_query($sql, $conn);
	      echo "<head>
		  <style type=\"text/css\">
.output {cursor:hand;font-size: 16pt; font-weight:bold;}
thead td {background-color:#2B60DE; color:#FDD017; font-weight:bold; font-size:11pt}
</style>
		  </head><body><table><thead><td>USER:</td><td>Comment:</td><td>Date:</td></thead>";
          while($row = mysql_fetch_array($rs)) 
    
          {
	 	      echo "<tr class=\"output\"><td  >".$row['user'].
		     	"</td><td >".$row['CommentText'].
		    	"</td><td >".$row['CommentDate']."</td><td><input type =\"button\" name=\"remove_btn\" value=\"Remove\" onclick=\"location.href='PHP_set_cookie.php?Remove_Item=".$row['CommentDate']."&current_user=".$row['user']."'\"/></td></tr>";
          }
		  $user_f = $_REQUEST['user_name'];
	      echo "</table></br></br>Please add your new comments here:<br/>
		  <form action=\"PHP_set_cookie.php?User=$user_f\" method=\"post\"><input =\"text\" value=\"Comments...\" name=\"TextComment\" MAXLENGTH=160 size=160/><br/><input type=\"submit\" name=\"AddNew\" value=\"Submit\"/></form></body>";
		  mysql_close($conn);             
      }

if($_REQUEST['AddNew'] == "Submit")


 { 	 $user4=$_REQUEST["User"];
	 $Comment=$_REQUEST['TextComment'];
	  $conn = mysql_connect('mysql2.freehostia.com','vlamat3_CS4350','lab');
	  $db = mysql_select_db('vlamat3_CS4350', $conn);
	  $sql = "SELECT password FROM `Comments_text` WHERE user = '$user4'";
          $rs = mysql_query($sql, $conn);
		   $p_t=mysql_fetch_array($rs);
		   $password3= $p_t['password'];
	  $sql = "INSERT INTO `Comments_text` VALUES('$new_session', '$user4', '$password3','$current_date','$Comment')";
	      mysql_query($sql, $conn);

 mysql_close($conn); $temp_var=1;
 }

		  if( $password == $_REQUEST['user_password'] AND $user1 == $user)
		 {         if($temp_var!=1){ mysql_close($conn);}
                   $comment_update = $_REQUEST['Remove_Item'];
					$comment_update= str_replace ("%20"," ",$comment_update);
          if ($comment_update != "99999")
	      {
			if($temp_var != 1) { $user1=$_REQUEST['current_user'];}else {$user1 =$_REQUEST["User"];}
		  $conn = mysql_connect('mysql2.freehostia.com','vlamat3_CS4350','lab');
          $db = mysql_select_db('vlamat3_CS4350', $conn);
	      $sql = "DELETE FROM `Comments_text` WHERE CommentDate = '$comment_update' AND user = '$user1'";
		  mysql_query($sql, $conn);
          mysql_close($conn); 
		 }
     display_comments($user1); 
		} else {echo "invalid credentials"; }

 ?>
